DOI: 10.1145/3198458.3198465
research-article

SARA: Security Automotive Risk Analysis Method

Published: 22 May 2018

Abstract

Connected and automated vehicles aim to improve the comfort and safety of the driver and passengers. To this end, car manufacturers continually improve current standardized methods to ensure their customers' safety and privacy and their vehicles' security. However, these methods do not support fully autonomous vehicles or linkability and confusion threats. To address these gaps, we propose a systematic threat analysis and risk assessment framework, SARA, which comprises an improved threat model, a new attack method/asset map, the involvement of the attacker in the attack tree, and a new driving system observation metric. Finally, we demonstrate its feasibility in assessing risk with two use cases: Vehicle Tracking and Comfortable Emergency Brake Failure.

Published In

CPSS '18: Proceedings of the 4th ACM Workshop on Cyber-Physical System Security
May 2018
79 pages
ISBN:9781450357555
DOI:10.1145/3198458

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. automotive security
  2. risk assessment
  3. security requirements
  4. threat analysis

Qualifiers

  • Research-article

Conference

ASIA CCS '18

Acceptance Rates

CPSS '18 Paper Acceptance Rate 6 of 24 submissions, 25%;
Overall Acceptance Rate 43 of 135 submissions, 32%
